Safety features we apply to payment cards data

Safety of payment cards is one of the top priorities in GoPay. We apply the latest security standards and technologies that are in compliance with the PCI DSS Level 1 standard.

1. Storing

We only store payment cards with a proven approach of the owner. This is always combined with a mobile phone number and e-mail address.

2. Encryption

We always store payment card data using the latest encryption techniques. We use a series of encryption keys stored on separate physical servers. Data storage is on a separate network that is not connected to the internet.

3. Safety code

We never store a payment card security code located on a back side of a card known as CAV2, CID, CVC2, CVV2. In addition we irregularly require a security code of all stored payment cards to enhance a safety standard.

4. SMS login

To access a payment card on our payment gateway it is necessary to login via cardholder’s registered mobile phone. Distribution of one-time SMS code is sent when login is requested and is valid at that particular moment only.

5. 3D Secure

We use 3D Secure security to increase a total security of payment card access. Self control of MPI component that communicates with VISA and MasterCard, allows us to freely activate this protection according to the amount of the payment or other safety rules.

6. SSL communication

All communication between the merchant and our payment gateway is encrypted by 128-bit SSL certificate.

7. Logging activities

We store all information about a payment card, incl. its using and editing. The security method of logged information is resistant to unwanted changes or manipulations.

8. Penetration tests

Our system is a subject to regular safety tests that simulate how the system can be affected. All tests are conducted by an independent authority.

9. Secure environment

Our network topology was designed with minimal access to surrounding networks. We only allow VPN access from authorized IP addresses. On a regular basis we update each individual server.

Was this article helpful?:

Are you looking for something else?

Contact support specialist